0

I'm getting this error when trying to start a custom systemd service.

netrender-slave.service: Failed at step EXEC spawning /usr/local/bin/netrender-slave.sh: Permission denied

Here's /etc/systemd/system/netrender-slave.service

[Unit]
Description=Blender netrender slave manager

[Service]
ExecStart=/usr/local/bin/netrender-slave.sh start  
ExecStop=/usr/local/bin/netrender-slave.sh stop
ExecReload=/usr/local/bin/netrender-slave.sh reload 
Type=simple

[Install]
WantedBy=multi-user.target

In this question, the problem was permissions on the script, but netrender-slave.sh seems ok:

~# ls -al /usr/local/bin
total 16
drwxr-xr-x  2 root root 4096 Dec  4 11:30 .
drwxr-xr-x 10 root root 4096 Apr 20  2016 ..
-rwxr-xr-x  1 root root  816 Dec  4 11:30 netrender-slave.sh

In this question the problem was insufficient privileges in one of the directories, but all of /usr/local/bin all appear similar to this:

drwxr-xr-x  2 root root 4096 Dec  4 11:30 .
drwxr-xr-x 10 root root 4096 Apr 20  2016 ..
...

However, in the comments of that same question this is offered:

the ls output did not show a trailing . after the UGO permissions drwxr-xr-x - GNU ls uses a . character to indicate a file with an SELinux security context, but no other alternate access method. A file with any other combination of alternate access methods is marked with a + character.

I don't understand how to check if this is my problem.

43Tesseracts
  • 1,197
  • selinux could be disabled to see if it is thwarting things. also does /usr/local/bin/netrender-slave.sh start if you run it manually? – thrig Dec 05 '17 at 01:01
  • if I run it with sh /usr/local/bin/netrender-slave.sh start it works. But just /usr/local/bin/netrender-slave.sh start gives: -bash: /usr/local/bin/netrender-slave.sh: /bin: bad interpreter: Permission denied – 43Tesseracts Dec 05 '17 at 01:05

1 Answers1

3

This is a bad way to do this, worthy of the systemd House of Horror. You might think that your only problem is the lack of an interpreter on the script file. It is not. Your larger problem, that you are not seeing, is the wrapping of a van Smoorenburg rc script, complete with wholly unnecessary Poor Man's service management, inside a service unit. This ends up with the wrong process as the dæmon, and does not manage things properly.

Do not do things that way at all.

You should tell its developers that its -b option is a confusingly documented.

[Unit]
Description=Blender netrender slave manager
Documentation=https://unix.stackexchange.com/a/408848/5132

[Service]
Type=simple
WorkingDirectory=/mnt/my-data
User=ec2-user
Environment=FLAGS="simple_slave_eiptarget.blend --addons netrender -a -noaudio -nojoystick"
ExecStart=/mnt/my-data/blender-2.73a-linux-glibc211-x86_64/blender -b $FLAGS --enable-autoexec

[Install]
WantedBy=multi-user.target

Further reading

JdeBP
  • 68,745
  • This is mostly beyond my skill level, but I'm trying it. Currently I'm getting this error when I systemctl daemon-reload: Dec 5 12:10:52 tbl-renderman systemd[1]: message repeated 4 times: [ [/etc/systemd/system/netrender-slave.service:11] Invalid environment assignment, ignoring: FLAGS=slaveGPU.blend --addons netrender -a -noaudio -nojoystick] – 43Tesseracts Dec 05 '17 at 20:12
  • Ok, I just moved the FLAGS directly in to ExecStart and it appears to be working. However, when I run systemctl start netrender-slave it starts working as expected, but I don't get my prompt back in the terminal, and then it bails: "root@tbl-renderman:~# systemctl start netrender-slave Job for netrender-slave.service failed because a timeout was exceeded." – 43Tesseracts Dec 05 '17 at 20:20
  • 1
    Try simple as now. – JdeBP Dec 05 '17 at 21:25